search

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system
http://www.cuckoosandbox.org
Other
5.51k stars 1.7k forks source link

Hyper-V support #2942

Open lirofte opened 4 years ago

lirofte commented 4 years ago

Thanks for creating an issue! But first: did you read our community guidelines? https://cuckoo.sh/docs/introduction/community.html

What is your suggestion?
        here is any chances that cuckoo will support Hyper-V too in the future??

What is the goal of this change/addition?
     Support for Hyper-V virtual machines as victim vms

Do you have suggestions for the implementation?
   Not really
Dylan-J commented 4 years ago

@lirofte while not official, I have had success in using cuckoo with Hyper-V as 'physical machinery'. I created a custom scheduled task that runs on the Hyper-V host to automatically revert to a known good checkpoint upon cuckoo completing the analysis and rebooting the machine. I'm in the process of doing a write up on it so I'm happy to share when it's completed (next couple of days).

Shersto commented 4 years ago

Did you ever get this write-up finished, would be interested in knowing about this